FTC Approves Final Order in ASUS Privacy Case

Share This Page

After a public comment period, the Federal Trade Commission has approved a final order resolving the Commission’s complaint against ASUSTeK Computer, Inc., charging that critical security flaws in its routers put the home networks of hundreds of thousands of consumers at risk.

Under the terms of the consent order, ASUS is required to establish and maintain a comprehensive security program subject to independent audits for the next 20 years. In addition, ASUS must notify consumers about software updates or other steps they can take to protect themselves from security flaws, including through an option to register for direct security notices (e.g., through email, text message, or push notification).

The consent order also prohibits the company from misleading consumers about the security of the company’s products, including whether a product is using up-to-date software.

The Commission vote to approve the final order and letters to commenters was 3-0.